Tuesday, March 26, 2013

Is The Tallinn Manual On The International Law Applicable To International Cyber Warfare Attacks And Defence?

In this Guest Column, Praveen Dalal, managing
partner of ICT law firm Perry4Law
and leading techno legal expert of Asia, has shared his views as to
why the Tallinn
Manual on the international cyber warfare is not
applicable and binding in the sphere of international cyber warfare
activities.

In a Significant and much appreciated effort on the
part of NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD
COE), a manual titled the Tallinn
Manual on the International Law Applicable to Cyber
Warfare has been released.

The effort is Significant as it is the first
Coordinated and Collaborative effort in the direction of tackling the
menaced of Cyber Warfare at the International Level. However, this
effort of NATO is also “Highly Risky” and “Pre Mature” as
“International Consensus” is not an essential part of this
effort.

Even NATO is aware of these “Limitations” and
this is the reason why the Tallinn Manual is not an Official
Document, but instead an Expression of Opinions of a Group of
Independent Experts acting solely in their Personal Capacity. It
does not even represent the views of the Centre, its Sponsoring
Nations, or NATO. It is also not meant to reflect NATO
Doctrine. Nor does it reflect the position of any Organisation
or State represented by Observers.

Obviously, we should consider the Manual as nothing
more than personal Opinions of few Individuals and should not base
our Acts or Omissions on the basis of this Manual. Before forming our
Judgement on the basis of this Manual we must ask few questions.
These are:

(1) How NATO or those related to this Manual would
"Enforce" it?

(2) Why should it be considered to be "Binding
and Enforceable" at the International level?

(3) What if People, Institutions and States "Defy"
this Manual?

There are Thousands of such Questions and
“Jurisdictional Issues” that need to be answered and resolved
before we consider a Manual like this to be even "Considered"
much less "Adopted".

In my personal opinion, this Manual is "Premature"
and "Undesirable" at this stage when we have no
"Universally Acceptable" Cyber Law and Cyber Security
Norms. Jumping at the Apex without sorting out the controversial
issues existing at the Ground Level is a bad idea and NATO has
exactly done so.